1. The Field of the Invention
The present invention relates to systems and methods for generating and verifying electronic documents. More particularly, the present invention relates to electronic documents having embedded digital signatures and to systems and methods for generating and verifying electronic documents that have embedded digital signatures.
2. Background and Related Art
Signatures are often a formal requirement of various transactions. Many legal instruments, such as wills, contracts, and deeds, are not legally enforceable unless they are signed by the appropriate persons in a specified way. While the specific legal requirements relating to signatures may vary across jurisdictions, the requirement of having a signature on a document serves fundamental purposes. For instance, signatures should be indicative of the person that signed a particular document and signatures should be difficult to reproduce without authorization. Signatures should also identify what is signed such that it is difficult to alter the signed matter without being discovered. Signatures further serve to authenticate a document by identifying each person that signed the document and the act of signing a document is intended to bring the legal aspects of signing the document to the attention of the signer.
The procedures for affixing signatures to paper documents is relatively well established. In the digital realm, however, persons are more reluctant to affix a digital signature to an electronic document for various reasons even though the characteristics of digital signatures (such as authenticity and security) are arguably better than their paper counterparts. For example, persons place more trust in paper signatures in comparison to digital signatures.
When a digital signature is employed to sign a document, the signer first identifies exactly what is being signed. The document or data identified by the signer is hashed to generate a hash result that is essentially unique to the document. Then, the hash result is converted into a digital signature using a private key of the signer to encrypt the hash result. In this manner, both the document and the private key are related to the digital signature.
A significant disadvantage of digital signatures is that they are not an integral part of the document but are attached as a separate file to the document. This creates a significant risk that the digital signature will become disassociated from the document and nullify the effect of the digital signature and results in a document that is not verifiable, especially when the document and the attached digital signature are either stored or transmitted.
Often, documents that are signed with digital signatures are validated or verified. Verifying a digital signature requires that the verifier have access to the public key of the signer in order to decrypt the hash result that was encrypted with the private key of the signer. The difficulty of this proposition is that the public and private key of the signer are not intrinsically associated with the signer. In most cases, a certificate authority (CA) is used to solve this problem. The CA is a trusted third party that issues a digital certificate that states that the signer identified in the digital certificate is the owner of the public key that is the subject of the digital certificate.
Even though the CA provides some assurance that the proper key pair is being employed, digital signatures are still attached as a separate file to the documents that they digitally sign. As previously stated, this weakens the digital signature as an authenticator because the attachment can become separated from the document. This problem can become even more complicated when a document is signed by multiple persons. In this case, subsequent signatures do not incorporate previous signatures because each signature is a separate attachment.